Its about a syntax in php while inserting data in mysql table

Question

Why is this syntax used:

mysql_query("INSERT INTO users (username, password, email, hash) VALUES( 
'". mysql_escape_string($name) ."', 
'". mysql_escape_string(md5($password)) ."', 
'". mysql_escape_string($email) ."', 
'". mysql_escape_string($hash) ."') ") or die(mysql_error());  

I do not have any confusion about mysql_escape_string , function, however why is mysql_escape_string($name), enclosed within two dots:. mysql_escape_string($name) . then it is enclosed within double quotes:". mysql_escape_string($name) ." lastly the whole thing is enclosed within a single quote :'". mysql_escape_string($name) ."' I got this form the following web resource: http://net.tutsplus.com/tutorials/php/how-to-implement-email-verification-for-new-members/

...Its a php email verification program.

Answer 1

The (.) is concatenating the whole string together. see here string operators

If you echo'ed the query it would look something like this.

INSERT INTO users (username, password, email, hash) 
    VALUES ('Jeff', 'hashedpassword', 'email@email.com', 'somehash')

Answer 2

The dot (.) is the glue for string concatenation. It is used also for separating variables:

"First part of a string". $myvar ." second part of a string"

The double quotes is the way we say that that is a string:

123

is considered an integer,

"123"

is considered a string.

And finally the single quote is a part of the mysql syntax that requires the strings to be surrounded by '.

Answer 3

The dot operator is the glue for string concatenation. The double quotes represent the start and end of a string. "string1" . "string2" . "string3" would be equivilant to: "string1string2string3".